2.9. 使用 Data Grid Security

2.9.1. 检索用户的 ACL
复制链接

查看有关用户主体和 access-control 列表的信息。

GET /rest/v2/security/user/acl

GET /rest/v2/security/user/acl

Copy to Clipboard

Toggle word wrap

Data Grid 使用执行该请求的用户的信息做出响应。列表包括用户的主体，以及资源列表以及用户访问它们时的权限。

{
  "subject": [
    {
      "name": "deployer",
      "type": "NamePrincipal"
    }
  ],
  "global": [
    "READ", "WRITE", "EXEC", "LISTEN", "BULK_READ", "BULK_WRITE", "CREATE", "MONITOR", "ALL_READ", "ALL_WRITE"  ],
  "caches": {
    "___protobuf_metadata": [
      "READ", "WRITE", "EXEC", "LISTEN", "BULK_READ", "BULK_WRITE", "CREATE", "MONITOR", "ALL_READ", "ALL_WRITE"
    ],
    "mycache": [
      "LIFECYCLE", "READ", "WRITE", "EXEC", "LISTEN", "BULK_READ", "BULK_WRITE", "ADMIN", "CREATE", "MONITOR", "ALL_READ", "ALL_WRITE"
    ],
    "___script_cache": [
      "READ", "WRITE", "EXEC", "LISTEN", "BULK_READ", "BULK_WRITE", "CREATE", "MONITOR", "ALL_READ", "ALL_WRITE"
    ]
  }
}

{
  "subject": [
    {
      "name": "deployer",
      "type": "NamePrincipal"
    }
  ],
  "global": [
    "READ", "WRITE", "EXEC", "LISTEN", "BULK_READ", "BULK_WRITE", "CREATE", "MONITOR", "ALL_READ", "ALL_WRITE"  ],
  "caches": {
    "___protobuf_metadata": [
      "READ", "WRITE", "EXEC", "LISTEN", "BULK_READ", "BULK_WRITE", "CREATE", "MONITOR", "ALL_READ", "ALL_WRITE"
    ],
    "mycache": [
      "LIFECYCLE", "READ", "WRITE", "EXEC", "LISTEN", "BULK_READ", "BULK_WRITE", "ADMIN", "CREATE", "MONITOR", "ALL_READ", "ALL_WRITE"
    ],
    "___script_cache": [
      "READ", "WRITE", "EXEC", "LISTEN", "BULK_READ", "BULK_WRITE", "CREATE", "MONITOR", "ALL_READ", "ALL_WRITE"
    ]
  }
}

Copy to Clipboard

Toggle word wrap

2.9.2. 刷新 ACL 缓存
复制链接

清空集群中的 access-control 列表缓存。

POST /rest/v2/security/cache?action=flush

POST /rest/v2/security/cache?action=flush

Copy to Clipboard

Toggle word wrap

2.9.3. 检索可用角色
复制链接

查看服务器中定义的所有可用角色。

GET /rest/v2/security/roles

GET /rest/v2/security/roles

Copy to Clipboard

Toggle word wrap

Data Grid 使用可用角色列表进行响应。如果启用了授权，则只有具有 ADMIN 权限的用户才能调用此 API。

["observer","application","admin","monitor","deployer"]

["observer","application","admin","monitor","deployer"]

Copy to Clipboard

Toggle word wrap

2.9.4. 检索主体的角色
复制链接

查看映射到主体的所有角色。

GET /rest/v2/security/roles/some_principal

GET /rest/v2/security/roles/some_principal

Copy to Clipboard

Toggle word wrap

Data Grid 使用指定主体的可用角色列表进行响应。主体不需要在使用的域中。

["observer"]

["observer"]

Copy to Clipboard

Toggle word wrap

2.9.5. 为主体授予角色
复制链接

向主体授予一个或多个新角色。

PUT /rest/v2/security/roles/some_principal?action=grant&role=role1&role=role2

PUT /rest/v2/security/roles/some_principal?action=grant&role=role1&role=role2

Copy to Clipboard

Toggle word wrap

Expand

表 2.32. 请求参数
参数	必需/可选	值
`role`	必需	角色的名称

2.9.6. 拒绝角色到主体
复制链接

删除之前授予主体的一个或多个角色。

PUT /rest/v2/security/roles/some_principal?action=deny&role=role1&role=role2

PUT /rest/v2/security/roles/some_principal?action=deny&role=role1&role=role2

Copy to Clipboard

Toggle word wrap

Expand

表 2.33. 请求参数
参数	必需/可选	值
`role`	必需	角色的名称

2.9.1. 检索用户的 ACL
复制链接

2.9.2. 刷新 ACL 缓存
复制链接

2.9.3. 检索可用角色
复制链接

2.9.4. 检索主体的角色
复制链接

2.9.5. 为主体授予角色
复制链接

2.9.6. 拒绝角色到主体
复制链接

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

2.9. 使用 Data Grid Security

2.9.1. 检索用户的 ACL复制链接链接已复制到粘贴板!

2.9.2. 刷新 ACL 缓存复制链接链接已复制到粘贴板!

2.9.3. 检索可用角色复制链接链接已复制到粘贴板!

2.9.4. 检索主体的角色复制链接链接已复制到粘贴板!

2.9.5. 为主体授予角色复制链接链接已复制到粘贴板!

2.9.6. 拒绝角色到主体复制链接链接已复制到粘贴板!

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links

2.9.1. 检索用户的 ACL
复制链接

2.9.2. 刷新 ACL 缓存
复制链接

2.9.3. 检索可用角色
复制链接

2.9.4. 检索主体的角色
复制链接

2.9.5. 为主体授予角色
复制链接

2.9.6. 拒绝角色到主体
复制链接